Pages

Crunching data from the myriad systems in the enterprise could yield new insight into how to protect sensitive data and even predict the next cyberattack, but many firms will be forced to seek outside help to reap the benefits, according to a new study.

Over the next three to five years, big data analytics tools will advance rapidly, according to a new report conducted by security experts at Booz Allen Hamilton and Northeastern University. The study, sponsored by RSA, The Security Division of EMC Corp., predicts that risk assessments and threat detection will be automated to the point that security response teams can predict an incident before it happens and take action to thwart attacks.

"There's no precision in the model that allows us to do threat predicting around an anomalous authentication event, and that speaks to the failure of perimeter-based security," said Eddie Schwartz, vice president and chief information security officer at RSA in an interview with CRN. "Forecasters are ignoring data that can provide immediate value to advanced threat management."

Big data analytics has become a trending buzzword at security conferences in recent years. Security experts first pointed out that security information and event management (SEIM) systems would provide the log collection necessary to detect anomalous activity and aid forensics teams to determine the extent of a data breach. But network security analysis systems like NetWitness, which was acquired by RSA in 2011, are being built out to provide more extensive analytical capabilities. Other competitors include Solera Networks, Niksun and Damballa.

The report, "Big data fuels intelligence-driven security," (.pdf) issued this week, recommends organizations undergo a risk assessment and an industry peer comparison. It said a shared data architecture for security information is needed to collect captured information in a data warehousing system. Despite being in different formats, new tools will help index and normalize the data for analysis.